Solved Best way to adress a jail


I'm currently my FreeBSD machine and I wondering what'S best option to adress a jail with IP.

my ifconfig

re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 48:5b:39:c9:68:11
        inet netmask 0xffffff00 broadcast
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
        inet netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

Should I create an alias on re0 or lo0 ?

So /etc/rc.conf

ifconfig_lo1_alias0="inet netmask"


ifconfig_re1_alias0="inet netmask"

Thank you in advance for sharing your knowledge and wisdom :)
If you use 'lo1' then your jails will use local IP address something like this '' and enable firewall for NAT routing from '' to ''.

if you use 're0' then jails will be connected directly to your NIC card as '' so no need for NAT routing.
Thank you for your response.

In term of security or "best practice" the best way is to use a local IP adress or connected directly to NIC ?

It sound like stupid question but I try to figure what's best for me ?

The pupose is to install stuff like plex and nextcloud in distinct jail.
I'm going to assume you'll be using the computer at home behind a router so direct connection to NIC is better. Personally it makes no difference unless if you want to keep jails separated from the Internet then 'lo1' is better with firewall enabled in FreeBSD. I usually find Plex or Serviio works better without the firewall.
Thank you very much for your response, and you guest well, the server is behind a router.